You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

HJT Log - Help needed again...

A few months ago, my laptop was about ready for the recycling bin and you guys resurrected it. Its not as infected now, but I'm having trouble again so of course I'm coming back. You guys deserve medals.

Next, update Ad-Aware and download the VX2 Cleaner Plug-in. Unzip the VX2 plugin to the directory C:\Program Files\Lavasoft\Ad-Aware SE Personal\Plugins. There should be two files in the Plugins directory called "vx2cleaner.dll" and "vx2cleaner.dlx" when properly installed.

Run Ad-Aware, then click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK", then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.

Reboot your PC and run Ad-Aware again. This time, click on the Start button in Ad-Aware, select "Perform smart system scan" and click Next. Once the scan finishes, click "Next" again. Select all objects found (right click anywhere in the list of found objects and click "Select All Objects"). Click "Next" one more time, then "OK" to confirm the removal.

You will be prompted to set Ad-Aware to run on reboot, click "OK". Exit Ad-Aware and restart your PC once again.

When Ad-Aware starts up, click on "Start", then "Next". Follow the steps above if anything is found, or click "Finish", then exit Ad-Aware.

Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log. Copy the contents of that log and paste it into this thread.

IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until you are asked to do so!

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

From the l2mfix folder on your desktop, double click l2mfix.bat and select option #2 for Run Fix by typing 2 and then pressing enter, then press any key to reboot your computer. After a reboot, your desktop and icons will appear, then disappear (this is normal). L2mfix will continue to scan your computer and when it's finished, notepad will open with a log. Copy the contents of that log and paste it back into this thread, along with a new hijackthis log.

Have I helped you? Please consider donating to help me continue with the fight against malware. Click here

Registry Entries that were Deleted: Please verify that the listing looks ok. If there was something deleted wrongly there are backups in the backreg folder. ****************************************************************************REGEDIT4

Make sure that you have no browser windows open as this could prevent the fix from working properly. Open HijackThis, scan and when complete, remove the following entries by checking the box to the left and clicking 'fixed checked':

The only file I could find from your list was the SurfSideKick3.exe file to delete from my hard drive.

Also, after deleting several items after the HJT scan, they reappear on the following scan, such as R3 - URLSearchHook:....SurfSideKick3\SSkBho.dll. In addition, while trying to delete the selections after the scan, a box appears stating that O20 - AppInit_DLLs: repairs.dll could not be removed.